Changing passwords using APEX and Database Credentials

We are developing an application that uses database credentials. We can login very easily. Is there a simple way to create a page so that the users can change their own passwords? I understand that the users will in effect be issuing an ALTER USER statement from within APEX. However, we get an "Insufficient Privileges" error message when issuing the command from APEX. So, whose credentials is APEX using?

J,
So, whose credentials is APEX using?
There are no credentials involved here. All code in your PL/SQL application is parsed as the schema that owns the application. When you implement your PL/SQL application using Application Express, that schema is the "Owner" attribute, or parsing schema.
See Re: ORACLE Password Change using APEX FORM
Scott

Similar Messages

  • Changing password of Sysman and DBSNMP users in Oracle 10g (10.2.0.3.0)

    Hi,
    When i changed my sysman and dbsnmp password, these users are frequently locking.
    For sysman password change i do the following steps.
    1) emctl stop dbconsole
    2) change password of sysman and dbsnmp from sql
    3) Post sysman password change to emoms.properties file
    4) Post DBSNMP password change in targets.xml
    5) emctl start dbconsole.
    DBSNMO AND SYSMAN users were locked.
    Stop dbconsole again
    Unlock the user sysman and dbsnmp
    then again restart dbconsole
    Sysman user locked
    Another thing do we need to have same password for dbsnmp and sysman
    Regards,
    irfanb146

    Now Sysman and DBSNMP users are unlocked after i made the password of sysman change again and they are not locking.
    Following is the message in the browser
    Enterprise Manager is not able to connect to the database instance. The state of the components are listed below.
    Browser is showing All the components are up like instance, Agent and Listener with green arrows upward
    Message was edited by:
    user605066

  • My itunes account was disabled for some reason.  I changed password in iforgot and still didn't work.  I could log in but not make purchases from the store so I set up a new login/account .  Is there any way to move my music to the new account?

    My itunes account was disabled for some reason.  I changed password in iforgot and still didn't work.  I could log in and see my music but not make purchases from the store or even redeem an itunes gift card so I set up a new login/account with another email account of mine. On the new account I can redeem my gift card and download items onto my ipad2.  Is there any way to move my music to the new account?

    Launch the Console application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Console in the icon grid.
    Make sure the title of the Console window is All Messages. If it isn't, select All Messages from the SYSTEM LOG QUERIES menu on the left. If you don't see that menu, select
    View ▹ Show Log List
    from the menu bar.
    Click the Clear Display icon in the toolbar. Then try the action that you're having trouble with again. Select any messages that appear in the Console window. Copy them to the Clipboard by pressing the key combination command-C. Paste into a reply to this message (command-V).
    When posting a log extract, be selective. In most cases, a few dozen lines are more than enough.
    Please do not indiscriminately dump thousands of lines from the log into this discussion.
    Important: Some private information, such as your name, may appear in the log. Anonymize before posting.

  • HT201394 I updated and restarted my iphone 5 now i cant get passed the startup? I have changed password many times and i have tried to skip it but it shuts off?

    I updated and restarted my iphone 5 now i cant get passed the start up? I have changed password many times and i have tried to skip it but it shuts off?

    I have same issue

  • Apex and database links

    Hi,
    How does Apex perform using database links. We are currently on version 3.1.1.00.09 of Applicatiion Express and have all of our data in one database. We will soon be upgrading our environment to Oracle Database Appliance. We are thinking about splitting our staging area out of our existing database. We use Apex for our dashboard reporting. We are in hopes to upgrade to latest version of Apex. If we split our database up we will have to use database links to access data. How does Apex perform using database links. Will our Interactive reports work? Will performance degrade? Wanted to know your thoughts on that.
    Pam

    Having used such a model for several years, I'd confirm that it is possilble to make it work, however it may not be optimal, performance-wise (depending on your data model).
    Typically speaking, if you are just querying your external database "straight" (i.e. where all of the tables being queried are on the remote DB), you shouldn't notice a significant degradation in performance. The problems can come in when you either include "local" tables in your queries (in which case you need to decide which site should be 'driving') or where DML is involved (in which case the driving site defaults to the local DB) - your execution plans can change quite significantly and often for the worse.
    I have tried a few strategies to mitigate against this, including converting some DML statements to be based on pipelined table functions instead of views, creating local Materialized Views of commonly accessed data (usually aggregated in some manner), or caching result sets (i.e. using the built-in apex caching function) for something more flexible but ultimately it'd be easier if everything was sitting on the same DB.

  • Create a Recovering/Changing Password web form and send email notification

    Hi all
    I am looking for a web page or application that will allow an user to change his/her database password. I am thinking about those web forms where end users enter the current password and the new password, hit submit and the new password gets activated. Then the web form send an email notification
    The database is an Oracle 10G database.
    Is there any template similar to this one http://www.asp.net/learn/security/tutorial-13-vb.aspx for an Oracle database?
    thanks
    J

    Write a stored procedure that uses native dynamic SQL and just pass in the new password.

  • Host Credentials and  Database Credentials

    Hi
    I'm using Enterprise Manager to startup my database. I don't know the username and password for Host Credentials and username and password for Database Credentials? I can't start up my database without knowing them. I provided the following information and i hope based on these information, you give a solution/
    Username of os is: Reza_Account
    All unlocked users have the same password: orareza
    server is on localhost
    URL of Enterprise manager is: http://localhost:5500/em
    Thank you,
    SRQB

    Hello SRQB,
    Please post this question to the DB forum, they will be able to help you better.
    Deepak

  • Changing password using forms_ddl not working

    All,
    I am building a custom logon screen that is similar to Metalink Document 30860.1. The form works fine until it encounters error "ORA-28001 password expired". When this occurs the user is moved to a different block (CHNG_PSSWRD) to change their password.
    In the OK button on this block I use the forms_ddl command to alter the user's password, then logout and log back in using the new password. This is where the application fails. The forms_ddl built-in returns form_faliure=false however, the password does not change and when the code attempts to logon the user back on the form encounters error ORA:1017. I can verify this by logging into SQL*PLUS, the password is still expired.
    Here is the relevant code:
    When-Button-Pressed (Item Level, on LOGON_BLOCK.BUTTON_CONNECT)
    DECLARE
         v_connectResults varchar2(20);
    BEGIN
         v_connectResults := connect_to;
    IF v_connectResults = 'YES' THEN
    leave(TRUE);
    END IF;
    :global.logon_tries := TO_NUMBER(:global.logon_tries) - 1;
    IF TO_NUMBER(:global.logon_tries) = '0' THEN
    leave(FALSE);
    END IF;
    IF v_connectResults = 'EXPIRED_PASSWORD' THEN
         msg_popup(dbms_error_text,'E',FALSE);
    go_block('CHNG_PSSWRD');
    END IF;
    END;
    FUNCTION connect_to RETURN VARCHAR2 IS
    BEGIN
    IF :logon_block.username IS NULL THEN
    BELL;
    END IF;
    LOGON(:logon_block.username,
    :logon_block.password||'@'||:logon_block.connect, FALSE);
    IF FORM_SUCCESS THEN
    RETURN 'YES';
    ELSIF dbms_error_code = -28001 then
         RETURN 'EXPIRED_PASSWORD';
    ELSE
         msg_popup(dbms_error_text,'E',FALSE);
    RETURN 'NO';
    END IF;
    END;
    PROCEDURE leave(p_status BOOLEAN DEFAULT TRUE) IS
    BEGIN
    IF p_status THEN
    :global.logged_on := 'TRUE';
    ELSE
    :global.logged_on := 'FALSE';
    END IF;
    EXIT_FORM;
    END;
    This procedure is called by the OK button on CHNG_PSSWRD block
    PROCEDURE change_password (p_passWrd in varchar2)
    IS
    v_un varchar2(60) := get_application_property(username);
    v_cs varchar2(60):= get_application_property(connect_string);
    statement varchar2(100);
    begin
    -- build the alter user statement for changing the password
    statement := 'alter user ' ||v_un ||' identified by ' || p_passWrd;
    -- print the contents of statement & connect string for testing purposes
    msg_popup(statement || ' connect string: ' || v_cs,'I',FALSE);
         -- execute the alter user statement
    forms_ddl(statement);
    -- if RDBMS does not accept password, display database error message
    if FORM_FAILURE then
         msg_popup(DBMS_ERROR_TEXT,'E',TRUE);
    else
         -- password was accepted, log user back in with new password
         logout;
         if FORM_FAILURE then
              msg_popup(DBMS_ERROR_TEXT,'F',TRUE);
         end if;
         logon(v_un,p_passWrd ||'@'||v_cs,FALSE);
         -- Display error message if login fails
         if FORM_FAILURE then
              msg_popup(DBMS_ERROR_TEXT,'F',TRUE);
         else
         msg_popup('Your Password has been changed.','I',True);
         end if;
    end if;
    end;
    This code executes on the form that runs the custom logon form
    On-Logon (Form Level)
    CALL_FORM('co_f_logon', NO_HIDE);
    IF :global.logged_on != 'TRUE' THEN
    RAISE FORM_TRIGGER_FAILURE;
    END IF;
    What am I doing wrong?
    thanks for you help in advance
    Jim C

    This approach may not be the safest, as having a special account able to change other users passwords can bring important security considerations.
    For example, suppose the user and password of that special account are "hard coded" in your application. That means you will not be able to change that password often. So, it will bee too easy to use a brute-force attac, to guess this password. After that, you could simply change the password of any user you want, and impersonate it. Of course, there are many other considerations to think of, but I'm sure you get the idea by now.
    A much better approach could be to write a little program that receives username, old password, new password and connection as parameters, and uses the Oracle OCI API to change the password. Then you could simply call this little program from your application when needed, providing the right parameters, to do the trick.
    I found a good sample of this in metalink note 52718.1, Handling Expired Passwords from within Forms (V4.5/5.0)
    In this note, you'll find a little pro-c code to do just that. There is also another note (124970.1) with a little more complicated sample made in Java.
    (you may need to select All Sources on metalink to find it, as they have been archived and are no longer presented if you search only the knowledge base).
    hope this helps.
    Eng. Gabriel Rosales Aymerich, M.Sc.
    Senior DBA
    Mercado de Valores de Costa Rica

  • Change Password with changePasswordForSelf and Special character

    Hi,
    I was trying to use the OIM (9.1.1.0) API to change the password using:
    userIntf.changePasswordForSelf(oldPassword, newPassword, confirmNewPassword);
    This works when I use some standard password.
    The issue appears when I try to enter certain special character: e.g: < or >
    The error returned is :
    <Error (class Thor.API.Exceptions.IllegalInputException): Thor.API.Exceptions.IllegalInputException>
    Exception is: Thor.API.Exceptions.IllegalInputException
    I reckon this is done to prevent injections.
    I didn't see any restriction in any of Oracle documentation and was wondering if you can help me understanding:
    - if you have observed the same issues before
    - which character are affected by this
    - if there is a work around to allow these character
    Thank you.

    That's because the special characters you are using are the scripting tags and it confuses itself with the OIM scripting process, for instance JSP's etc.
    So I would recommend not to do it and have your policies in place which restricts end-user to have a password with such special characters. I did not tried that but you can possibly do that.

  • Who is using APEX and DATGUARD environment

    Short question for discussion:
    Who uses apex in a dataguard environment for avaibility (failover) and perhaps scalability(snapshot standby)?
    Who is interested in creating such environment?

    Hello,
    Yes we're using it in some environments.
    John.
    Blog: http://jes.blogs.shellprompt.net
    Work: http://www.apex-evangelists.com
    Author of Pro Application Express: http://tinyurl.com/3gu7cd
    REWARDS: Please remember to mark helpful or correct posts on the forum, not just for my answers but for everyone!

  • Need to change passwords, Unity, IPCC and CCM

    I need to change the admin passwords on all servers. What, if anything, can I expect to break.
    Thanks

    also, you will not just change passwords from the windows account manager hopefully.
    cisco provides utilities or procedures for changing passwords in most of these environments.
    for CCM follow:
    http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_administration_guide_chapter09186a00801ec5d0.html
    for UNITY follow:
    http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_tech_note09186a0080093f54.shtml
    for IPCC see:
    http://www.cisco.com/iam/unified/ipcc1/Problems_Caused_by_Password_Changes.htm#wp1097435
    for IVR follow:
    http://www.cisco.com/en/US/products/sw/custcosw/ps1846/products_qanda_item09186a008022e8e3.shtml

  • Color changes when using Vignette and Levels...

    Its most promenant with reds, but when I am editing a RAW image and click Vignette, my reds turn orange-ish.  I noticed this with Levels as well.  Even after I click the reset arrow but leave the Levels box checked, the reds are still orange.  This happens on different images as well.  Any thoughts...?  Thanks.  mike.

    Hi. I currently use Canon, and i only see it in my RAW files.  All camera firmware is up-to-date. I am running latest version of Aperture, but still running 10.6.8. I went through a bunch of old photos where there was a good red color of something and i was able to duplicate the problem each time. Where there was a large area of red, it was VERY noticable. Also, I used to shoot with Nikon and my NEF files do the same thing where there is a nice red.  It seems to be an Aperature "thing."
    What i find so curious, is that even if I make no adjustments to the Levels sliders, just checking the box alters the color, same with the Vignette brick.  Also, I do color calibrate my monitor. thanks.

  • Pre changed passwords for Gmail and Facebook?

    I just got my Palm Pre yesterday, and I'd totally love it except for one issue - it seems that it reset or changed my password for my Gmail and Facebook accounts. Initially I had no trouble with the phone - I was able to access and sync my email/facebook to the phone and use them. I then used both from my desktop computer, no problem. I tried it again a while later (maybe 30 minutes) from the desktop and the passwords were invalid.
    I've been trying to reset my Gmail password, but because I can't access the alternate email (that's what I get for not loggin into it for literally years and forgetting the answers to the security questions) I've been having a REALLY hard time with it. I have no idea how this happened or what I can do. I *really* need access to my email!
    Help.

    HI,
    It used to be that for iChat we used to have to tell people to set up their Google Account using their Google ID exactly as it shows on the Google Web Mail Page (Or iGoogle) to make sure they had to "right" ending.
    The Server is talk.google.com
    This does not follow the format used by other Jabber servers which take the last part of the ID and pulls that through to the Server Setting tab and this is why iChat and the versions of Messages have a separate Google option to add the Account.
    The next issue would be to then check the Mac firewall
    It is in System Preferences > Security and Privacy > Firewall.
    It will need Unlocking.
    What used to be in the Advanced Button is not in the Options Button
    In here if the Firewall On then the Allow Signed Software needs to be Enabled and Messages and IMAgent need to be in the list.
    If you have to Add Messages or Enabled the Signed Software bit it will pay to restart the Computer.
    The System should add IMAgent itself (Or at least ask you to confirm)
    Next we have to consider the Router.
    If you used Port Forwarding with your Previous OS (or even computer) you may find the IP the computer has at the moment does not work for the Port Forwarding you set up.
    Ideally use UPnP if you device has it.
    It allows for Multiple computer s to use the same ports.  The ports open when the app needs them and close after  certain period on Non use.
    For Messages and iChat it also allows Screen Sharing to work as this part uses a random port.
    9:07 PM      Wednesday; July 25, 2012
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
      iMac 2.5Ghz 5i 2011 (Lion 10.7.2)
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb (Snow Leopard 10.6.8)
     Mac OS X (10.6.8),
    "Limit the Logs to the Bits above Binary Images."  No, Seriously

  • I just updated to ios 6 and now I can't get through the set up.  has made me change password three times and says my email address is already taken... well yeah, that's me.  how to go on?

    Its telling me to sign in using my email.  When i do,  it says that email is already taken.  No,  really?  So now it wants me to change my password again.  ***?
    I can sign in to my account on my computer, so basically my ipad is junk now.  Is there a way to uninstall the update.

    Its telling me to sign in using my email.  When i do,  it says that email is already taken.  No,  really?  So now it wants me to change my password again.  ***?
    I can sign in to my account on my computer, so basically my ipad is junk now.  Is there a way to uninstall the update.

  • Problem inserting a clob using bpel and database adapter

    We are having issues inserting a clob field into the database when the data is over 4000 characters. Anything under 4000 characters works fine.
    The error we are seeing is "Error while converting to a Java struct object. Unable to convert XSD element P_RESPONSE_ARRAY_ITEM whole user defined type is QC_CRCBT_PKG_RESPONSE_TYPE. Cause: java.lang.ClassCastException: oracle.sql.CLOB; nested exception is: ORABPEL-11802"
    We are using BPEL 10.1.3.3 and a database adapter. THE PL/SQL parameter decomposes to a clob type. Again, anything under 4000 characters works fine.
    Any ideas?

    This is likely due to Bug-6629539, which has just been identified and fixed in 11. You can request a one-off patch for this bug (i.e. a BLR off of the 10.1.3.3.0 release label).

Maybe you are looking for